A new threat to Internet security has emerged that you need to be aware of, …

As Bruce Schneier spent the past decade watching the growing rash of phishers, malware attacks, and identity theft, a new Internet threat has emerged that poses even greater risks, the security expert said.

Unlike the security risks posed by criminals, the threat from government regulation and data hoarders such as Apple and Google are more insidious because they threaten to alter the fabric of the Internet itself. They're also different from traditional Internet threats because the perpetrators are shielded in a cloak of legitimacy. As a result, many people don't recognize that their personal information or fortunes are more susceptible to these new forces than they ever were to the Russian Business Network or other Internet gangsters.

"Taken as a whole, there's a lot of things going on that affect our industry from outside our industry," Schneier, who is the author of five security books, said during a Wednesday keynote at the 24th General Meeting of the Messaging Anti-Abuse Working Group. "These are things that might be imposed on us. More capability, more usability, less control."

The first of three pillars propping up this outside threat are big data collectors, which in addition to Apple and Google, Schneier identified as Amazon and Facebook. (Notice Microsoft didn't make the cut.) The goal of their data collection is for marketers to be able to make snap decisions about the product tastes, credit worthiness, and employment suitability of millions of people. Often, this information is fed into systems maintained by governments.

Schneier didn't discuss the effect this unprecedented level of data scavenging has on individual privacy. Instead, he focused on how it ties the hands of people working at ISPs and software companies who work to secure their customers' personal information.

"We in security face enormous threats here because there are things we might want to do that we won't be able to do," he told about 400 people attending the three-day San Francisco conference. "You could see a law that limits what we can do about cookie deletion." Laws that require smartphones or other devices to be equipped with unique identifiers aren't a stretch, either, he said.

Schneier said the threat is often obfuscated by the tremendous technical advances the big data players have offered. Google mail is a safer alternative for average users because there's almost no chance they'll ever lose a message. Apple's iPhone is wildly popular because it's easy to use and to date has proved largely impervious to real-world malware attacks. But behind the security and reliability, there are threats many don't consider.

"I can't find a program that will erase the data on this thing to a reasonable assurance without jailbreaking it," he said, holding up his iPhone. "For me that's bad."

The age of feudal security

He called the new model "feudal security" in which Kindle Fire owners trust their security to Amazon, iPhone users trust their Apple, and so on. As a result, the devices no longer come with general-purpose capabilities. Open environments are increasingly being replaced with closed systems that are designed to give users less control.

In addition to the threat from big data—which Schneier coined "the risks of Layer 8 and Layer 9 attacks"—he said Internet users are being harmed by the surge in government attempts to redesign Internet infrastructure. As more and more of the world goes online, it's a given more crime will follow, he said. As a result, laws such as the 1994 Communications Assistance for Law Enforcement Act—which mandated telecom companies redesign switches and other gears so law enforcement agents could tap them—are slowly being extended to Internet technologies, possibly such as Skype and Hushmail.

Another example is a push among governments in Europe to require ISPs to store logs of user activity for 12 months or longer in case the information is needed in an investigation.

"Here, we have an example of government coming in an effort they believe will make us all safer," he said. "I look at it and say it's much less safe because once you have that data you're going to have to secure it. And the securest thing you can do is to delete it. So again we're seeing people who are not Internet security people trying to push a security policy."

The third force of this outside, nontechnical threat is posed by a "cyberwar" arms race, in which countries around the planet develop weapons such as the Stuxnet worm, case each other's networks, and possibly even plant backdoors in case they're needed during a time of war.

"We're now living in a world where nations are stockpiling cyber weapons," he said. "The military industrial complex is alive and well and quite happy to spend lots of money on cyber weapons and cyberwar and cyber defense. This feels incredibly destabilizing to me. I'm not convinced these things couldn't go off by accident "

I have to somewhat agree that Data Aggregators and government are inherently security risks, because they normally do not operate transparently and thus the public will never know just how secure the information they are holding on to are. The fiasco with Sony and earlier with Lockheed Martin should raise some red flags regarding this issue.

"feudal security" is pretty much what we rely on for most of our safety. Very few people are paranoid enough to worry about their security or safety in every aspect of their lives. There have been a few instances where government has helped us with that. Car safety. Building codes. And organizations like Underwriter Laboratories make sure we don't have to worry about the things we buy hurting us in any life threatening ways.

Data is it's more or less intangible and even more impossible for the general population to undertand how it can be dangerous. Convincing Congress to act in the favor of the people will be impossible with those large companies lining their pockets.

"feudal security" is pretty much what we rely on for most of our safety. Very few people are paranoid enough to worry about their security or safety in every aspect of their lives. There have been a few instances where government has helped us with that. Car safety. Building codes. And organizations like Underwriter Laboratories make sure we don't have to worry about the things we buy hurting us in any life threatening ways.

Data is more or less intangible and even more impossible for the general population to undertand how it can be dangerous. Convincing Congress to act in the favor of the people will be impossible with those large companies lining their pockets.

Data is more or less intangible and even more impossible for the general population to undertand how it can be dangerous.

I think most people are quite aware of how information about them like social security numbers, credit card numbers, bank account numbers, video rental history, books read, etc can be used to their detriment.

However, in many cases, it is more convient to allow data consolidators to hold that information.

But it still boggles my mind that my local city owned water company requires my social security number.

I understand and agree with this article. The more information stored, the juicier a target is. The government, of course, is no exception. Unfortunately, we live in an age where we must make certain deals with various Devils to obtain service. The rights to privacy we have do not protect us when "information is required" to obtain basic services or we have to pay a (sometimes hefty) deposit.

ardent wrote:

Schneier's been talking about this for years.

Too bad the only people listening were the ones he was trying to warn everyone else about.

I don't understand why you mention Apple with Google in terms of data hoarders. Are you referring to the type of data which they're hoarding? Because I imagine Google has access to several orders of magnitude more data than Apple does.

He sums up pretty much what I have firmly believed all along but didn't have the writing power to epxress. I will add even one more thing. I don't think governments or the big data are in there with a genuine mindset about safety. They really are in there for 'control'. Google, Facebook, Amazon and Apple all manage to pull it off through technology, and government gets a free ride by enacting laws. I am actually glad that Microsoft continues to be 'relatively' trustworthy.

I fear that the technological capability to store and mine data + the ease with which this data can now be collected through these ever-increasing closed systems will prove to be Achille's heel for the 'real' freedom of the society - which has already lost great deal of ground to these ever-pervasive and intrusive data intrusion and mandated retention policies, and eco-systems.

I don't understand why you mention Apple with Google in terms of data hoarders. Are you referring to the type of data which they're hoarding? Because I imagine Google has access to several orders of magnitude more data than Apple does.

Apple has all the infos from their walled garden (iTunes, iCloud, iOS, OSX, Siri and data from a lot of apps + more I haven't thought of)That is Googles ballpark, certainly more than Amazon has. They have to fill their new data centers with something, right?

The problem with this kinds of threats is that people have no idea how far data mining, profiling and such already go today. I can't speak for the US, but for parts of continental europe.

Another thing is that with the ongoing political debates about the internet and also "offline security" that employs plain lies and deceptive arguments people are getting more and more accustomed to believe that everything that lies out there in the open is mainly a potential threat that might harm them and hence is better locked down. That is especially true for us Germans.The other side of locking down systems and providing certain entities access and rights for protection is rarely considered because law enforcement etc are inherently good. Many people also don't realize that if they allow such measures for fighting actual crime that actual crime is not what they get told by politicians, like terrists and child pornography, but mainly small fish they wouldn't sacrifice privacy for.

Another thing Schneier addresses is the problem with the security of big heaps of data. Not long ago we had a very sensitive data breach here in DE. Some server from law enforcement got hacked, revealing personal information about undercover agents and installation details about bugs, including their phone numbers. You could just call those bugs and listen, they had no additional security except an unpublished phone number.The server was built upon a well known WAMP package that explicitly tells you to not use it for productive environments!Now can you really want that such organizations have access to sensitive log files of all internet users? Do you think they will protect that better than they protect information that could put their under cover colleagues' life at risk?

The reason why I believe we're on a slippery slope to something close to 1984 is, though, a mere human problem I haven't seen Schneider address (imo) clear enough. Whenever there is a technical possibility only limited formally, sooner or later the formal limitation will be questioned or it will just be inofficially ignored. We have nice bridges on our Autobahn that communicate with the units in trucks responsible for estimating the toll they've to pay. They can also make pictures of trucks who lack such a unit so you can later charge them.How long did you think did it take until law enforcement wanted those bridges to scan for certain license plates? How long do you think it will take them to ask for scanning every car, just in case this could maybe even help a defendant?

The other side of the coin is its impossible to store all the data that is collected.

Hattori the toll systems scan all cars and have been for years(or at least have here)Some countries and states allow the police to use the data to track stolen cars.Problem is storing the data. Images and data don't compress well ,worse for high resolution images and video.

Even with small amounts of text data it still adds up and gets very large very quickly.

1984 has been and gone in some aspects, problem is data storage.

Even your mobile phone provider "tracks" your location when your phone is turned on.Google knows where you are logging in from, ip and mobile device.

If you don't want this sort of tracking, live in an area without telecoms coverage, don't use the internet , no mobile phone, only ever pay cash (have to go to the bank and withdraw cash though) , don't use any rewards cards or credit card (or library card). Don't go through any intersections with red light cameras, don't use toll roads etc

Not to bad if you live in the middle of no where in the country, almost impossible in the city(and don't forget all the surveillance cameras).

Here is Australia in return for letting the supermarkets track your grocery purchases you get fuel discounts(both major supermarkets do it) can "save" up to $2 to 4 per fill up for a car. But the supermarkets have databases of what their shoppers have been buying and when.

Last year I received a "free" new razor from one of the companies (with just the single attached blade), the card with it said they had noticed that I hadn't brought a new razor recently.

All the information is just sitting on servers somewhere and more likely than not, it is properly secured.Don't forget emedical records

No facebook no twitter accounts... thinking of getting rid of google stuff too.... It's a slippery slope all right. Although I am probably a sucker for being as lax with google as I am for their "no evil" thing. We need another relevant player who will promote the "no evil" mantra in a google diminishing way. Somone to go in a proper direction, with a proper face of competition. If that's possible. Google started all right. Or you just have to end up a data hoarder which ever way you turn...

Until now the toll system has to discard data. If they save it in text I see no problem with storage. If I play dumb I can code a license plate as a string with ten bytes, less in an optimized format. Let's take two bytes for the toll bridge number and store date as yyyy-mm-dd-hh-ss for an additional 12 bytes. That's 24 and highly inefficient. So on a 2.5TB drive I could store roughly 100.000.000.000 combinations of plate, time and place. Let's say we have 100 million cars. That's a thousand bridges for every single one.We could now argue where I have forgotten a zero or how much overhead this or that adds etc, but the order of magnitude is within reach of consumer grade hardware.I never thought of pictures, btw.

And yes, I know that my phone provider tracks me and I don't even use Tor, refuse all cookies and such. The problem I see is that while a mobile phone provider has a certain need to track me and my phone to provide service, authorities would like to add tracking features that are not needed for anything besides tracking. The internet connection details logging on a grand scale we already had here for some time also was never a data storage problem.

For the medical data I see of course the same problems. We will get electronic health insurance cards here, a disaster of a project for various reasons, and there's now discussions about backup storage outside the cards etc.If this gets halfway centralized this is a huge target, for mere economic reasons. And the problem with that is that you can't just reset passwords. If anything goes wrong even once, that is a problem on a grand scale.

The argument that I can't escape tracking and hence should not worry about the extent is, well, not really convincing.

Too bad the only people listening were the ones he was trying to warn everyone else about.

Basically anyone with the ability to abuse their spying powers has (naturally) signed away their right to say so. It's almost as if Bruce isn't warning about anything, rather he is passing on a confession.

Take Wikileaks for instance- it's the most open spy vehicle ever created, yet people don't "get it" due to their biases and black-and-white views on everything. Assange can only be good or bad, rebel or MI6 spy. Any combination is deemed crazy... a conspiracy to ignore....

I fear that the technological capability to store and mine data + the ease with which this data can now be collected through these ever-increasing closed systems will prove to be Achille's heel for the 'real' freedom of the society - which has already lost great deal of ground to these ever-pervasive and intrusive data intrusion and mandated retention policies, and eco-systems.

Time for web servers that do not do any logs.

Psh. Server logs are about the least effective way to track anybody ever. And they are essential to check for errors, tracebacks, etc. All current web measurement uses stuff like Google Analytics or SiteCatalyst, but these aren't that privacy invasive, and are more equivalent to watching somebody move around a store in order to determine how to best optimize . All the data is anonymous (I know who you are, cookie number 3b4f612a4ce2803a) and typically viewed in aggregate outside of testing anyways. You have to go way out of your way to look at a single use case, because that's simply not useful; large, statistically meaningful trends are.

It's not simple to mine this data with ease. It's simple to store it, that's been (essentially) a solved problem for a few decades now. But mining it? Really, the occasional funny Amazon "recommendations for you" ought to be proof that data mining isn't as effect as you think it is. Netflix has paid major dollar for making a better movie matching alogrithm, and they have had only limited success (and mostly likely have hit an insurmountable wall).

You have at least 200 variables.. There isn't likely to be a strong id (eg SSN) provided, so it's impossible outside of test cases to know when you have a possible match. On top of all of that, some the data is likely to be faulty. Some algorithms (the best typically) use randomness as an inherent part of the sorting process, so you get differing results every time you run the program. Much of the data has no accompanying information that makes it useful. On top of that, you're looking at terabyte of textual information. That requires special hardware, backups, etc. And it means that whatever you're doing has to be massively parallel, because you want results sometime within a few days at least, which means lots of nodes communicating very quickly with each other.

Data mining is very complicated. It's so complicated that Math majors focusing on some previously esoteric fields of stats will find themselves gainfully employed for the rest of their lives.

While I fear for the trends we have with data security, the whole Skynet scenario is unlikely right now. All data is in it's own little silo. Amazon's data is Amazon's data, and they aren't handing it around to Google, Facebook, or Apple, without a very strong court order, thank you very much. In a way, the meteoric rise of large companies in competition is a good thing, because it means that nobody is sharing that data.

And while the NSA has grown tremendously, they simply don't have the capacity to grab all of that data, let alone to decrypt it all and data mine it. What data they are extra judiciously grabbing is very worrisome, but we have quite a few years before 1984.

The next network isn't a public network like Google or Facebook, or a Facebook network, its a vetted network, which is what we're working on. Simple, private, useful. It was called the Internet before. I'm sure we'll come up with a name for it since whatever it is that I'm using today, certainly isn't the Internet. The Face-oogle-ad-o-matic net where nothing is free, but everyone pays, ain't cutting it.

Well at least we know why there aren't advanced alien societies. Biologically speaking evolution is going to require an organism advanced enough to develop technology to be groups of individuals. I know someone will say "hive mind" or some shit, but how would that communicate effectively? We can't even do that with the internet, the result of thousands of years of technology development. There's little chance of it just naturally developing in any organism that's widespread and populous enough to develop technology.

Moving on, since we assume individuals we also assume that they specialize. One "specializes" in bossing others around. Initially this works out alright. But then there's the specialists that build highly technical stuff. Eventually they build something that's incredibly complicated and potentially highly dangerous, like nano bots and von neumann machines.

By this time the "bossing around" type of societal person has become a hazard. Things are too complicated for any one person to understand, and since technology can develop so quickly we won't have evolved enough to keep up with the growing complexity. But the "boss" type people, which are now considered complete idiots by an ever growing percentage of people, still have power because someone clever hasn't thought of how to get rid of them yet. And then the "boss" people decide it would be good to say, create nano sized von nuemann machines that feed off certain highly available molecules on a life supporting planet.

Next thing you know, the planet and civilization are wiped out. All gone! Hell we've already almost nuked ourselves to oblivion a dozen times over because we're genetically pre-disposed towards giving into a "boss" type authority. And that's something glaringly god damned obvious that we shouldn't do. Now we have those same authority types screwing with the internet, which thankfully isn't terribly harmful visa vis civilization collapses (not yet anyway). But its not too hard to imagine them screwing with something that's less obvious but no less (or even more) dangerous than nuclear weapons. Once that's invented we might be doomed.

Until now the toll system has to discard data. If they save it in text I see no problem with storage. If I play dumb I can code a license plate as a string with ten bytes, less in an optimized format. Let's take two bytes for the toll bridge number and store date as yyyy-mm-dd-hh-ss for an additional 12 bytes. That's 24 and highly inefficient. So on a 2.5TB drive I could store roughly 100.000.000.000 combinations of plate, time and place. Let's say we have 100 million cars. That's a thousand bridges for every single one.We could now argue where I have forgotten a zero or how much overhead this or that adds etc, but the order of magnitude is within reach of consumer grade hardware.I never thought of pictures, btw.

If you need to use it in a court case, you need to go beyond reasonable doubt, which means a picture is required. "Reasonable doubt" would just require finding a log of a license plate with an 'I' that was actually an 'l' or a '1', bam, a problem with your software, my client is excused. Thanks for playing, and don't forget to pay court costs on your way out the door.

I just realized, having lived through the cold war era, from the beginning of the cold war era to the end of it (with the Berlin Wall coming down), substitute the term "nuclear weapons" for some of the cyber stuff in this guys little speech and you have the same speech given in the cold war era about the arms race that i'd heard a hundred times before with the same "the government has its finger on the button" type of ending to the speech.

I fully expect anything My Schneier says to be dismissed, by the lay man, as the crackpot rantings of an ageing hippy / communist, and any insight caught up by the media to be spun as such.

Nobody outside of the tech industry listens to John Gilmore or Steve Wozniak for these exact reasons; Concepts people don't understand described by people who look like the big news agencies' idea of a sex offender mixed with a stoner. Do us a favour and put on a suit when you do public speaking; Even if they don't understand, they'll still remember that you wore a tie.

I just realized, having lived through the cold war era, from the beginning of the cold war era to the end of it (with the Berlin Wall coming down), substitute the term "nuclear weapons" for some of the cyber stuff in this guys little speech and you have the same speech given in the cold war era about the arms race that i'd heard a hundred times before with the same "the government has its finger on the button" type of ending to the speech.

Interestingly enought, East Germany had 8 out of the 12 million citizens acting as informers and kept reams of data on each citizen. Unfortunately, they were unable to see the collapse of their own country.

They were too busy keeping track of who called who, who purchased what books, etc.

All the consitutional protections that the founding fathers created to protect the citizenry from the Government overreaching have basically been ignored or thrown out since 9/11. The consitution and law apparently doesn't apply to the Governement now.

Nobody outside of the tech industry listens to John Gilmore or Steve Wozniak for these exact reasons; Concepts people don't understand described by people who look like the big news agencies' idea of a sex offender mixed with a stoner. Do us a favour and put on a suit when you do public speaking; Even if they don't understand, they'll still remember that you wore a tie.

as the "kid" in spiked hair and a Che Guavara T said at the beginning of his presentation to a group of us security wonks from alphabet soup places like the CIA and NSA, "I'm beyond that."

He was absolutely right (and quite a riveting speaker with practical experience and access into the "hacker" community that no suit would have).